Last week, TOC reported the alleged purchase of “weaponised German surveillance malware” by a Singapore company, as revealed in a Wikileaks media release on 15 September.
The Singapore company which is said to have purchased the products is apparently PCS Security Pte Ltd, which was incorporated in 1998 by two Singaporeans, and is now headed by five Singaporeans with $2 million dollars of paid up capital.
TOC understands that this private company is wholly owned by Phoenix Co-operation Society Ltd, but more information is publicly unavailable on the co-op except that it was granted a statutory exemption from the Government under the Co-operative Societies Act.
This bestowed full administrative powers on the president of Phoenix, unlike other co-operatives.
Till date, there has been no response from the contact person listed for Phoenix Co-operative Society Ltd on who exactly is the president of co-operative.
On its website, PCS says it prides itself “in delivering value-added systems with our domain expertise and experience in Homeland Security and Infocomm Security.”
“We have the expertise and capability to deliver cutting-edge technology solutions for our Customers in the Government, trade and the commercial sector,” it said.
TOC has sent repeated queries to PCS Security on the accusations of the company purchasing the surveillance malware by Wikileaks since last week , but the company has yet to respond.
While TOC investigates further on PCS Security Ltd, let’s look at the capability of the malware and items said to be purchased by PCS.
In the information released by Wikileaks, the licences purchased by PCS Security Pte Ltd from Finfisher are FinSpy, FinIntrusion, FinUSB Suite and FinUSB.
FinSpy is described by the software company as a field-proven remote monitoring solution that allows monitoring of mobile and security-aware targets that regularly change location, use encrypted and anonymous communication channels and travel inter-nationally.
When FinSpy is installed on a computer system, the surveillance system can be remotely controlled and accessed as soon as it is connected to the Internet, no matter where in the world the system is located.
However, users will need to obtain FinSpy licenses from Finfisher as information is routed through Finfisher’s server before reaching the users’ terminal.
From the information provided by Wikileaks, it is surmised that PCS purchased licenses to monitor up to 500 targets in 2012.
The FinFly USB provides an easy-to-use and reliable way of installing Remote Monitoring Solutions on computer systems when physical access is available to the agents.
Once the FinFly USB is inserted into a computer, it automatically installs the configured software with little or no user-interaction and does not require IT-trained agents when being used in operations. The FinFly USB can be used against multiple systems before being returned to the agent’s headquarters.
FinIntrusion Kit described as an up-to-date and covert operational kit that can be used for most common IT intrusion operations in defensive and offensive areas.
The kit comes as a portable covert tactical unit that includes many common IT intrusion devices, all necessary adapters and antennas which can be used with the purchased malware.
FinUSB Suite is a flexible product that enables law enforcement agencies to quickly and securely extract forensic information from computer systems without the requirement of IT trained agents.
The suite consists of a headquarter notebook and ten encrypted USB dongles. They look just like any common USB stick and are easy to use, as they are pre-programmed to search exactly the data that is needed. The user interface makes it easy to configure the dongle’s operational options and to decrypt and analyse the gathered data.
FinFisher malware is said to be able to operate under all major desktop and mobile operating systems, namely Windows, OS X, Linux, Android, iOS, BlackBerry, Symbian, and Windows Mobile.
TOC asked a local network administrator, Chong Kai Xiong, about his thoughts on this surveillance system.
“FinFisher is extremely intrusive, much more so than the average spyware. It runs on every platform imaginable and collects literally everything there is to collect on infected devices. Contact lists, emails, chat messages, webcam videos, screenshots, keystrokes, you name it.
“In this information age where many people live out their lives online, the use of FinFisher against anyone is a criminal breach of privacy.
“And like all forms of malware, FinFisher requires software exploits or plain deception for delivery to the target person’s device(s). This raises a whole host of other legal and ethical issues.”
TOC sent emails to the Attorney General Chambers last week about the legality of such software and the act of hacking into one’s computer using such software but we have yet to receive any replies from them.
